Add HTTP 499 to transient error codes for model fallback#41468
Add HTTP 499 to transient error codes for model fallback#41468altaywtf merged 3 commits intoopenclaw:mainfrom
Conversation
Greptile SummaryThis PR adds HTTP 499 ("Client Closed Request") to Key changes:
Recommendation: Remove Confidence Score: 2/5
Last reviewed commit: c1daf4b |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
docker-compose.sandbox.yaml
Outdated
| # Sandbox OpenClaw instance for testing A2A channel experiments | ||
| # Managed by Zaf (main instance) | ||
| # |
There was a problem hiding this comment.
This file appears to be a personal development configuration specific to "Zaf" and is unrelated to the stated purpose of the PR ("Add HTTP 499 to transient error codes for model fallback"). It references personal host paths (${HOME}/.openclaw/workspace) and should not be merged into the main branch. Personal sandbox setups like this are typically better kept out of version control (e.g., added to .gitignore) rather than committed.
Prompt To Fix With AI
This is a comment left during a code review.
Path: docker-compose.sandbox.yaml
Line: 1-3
Comment:
This file appears to be a personal development configuration specific to "Zaf" and is unrelated to the stated purpose of the PR ("Add HTTP 499 to transient error codes for model fallback"). It references personal host paths (`${HOME}/.openclaw/workspace`) and should not be merged into the main branch. Personal sandbox setups like this are typically better kept out of version control (e.g., added to `.gitignore`) rather than committed.
How can I resolve this? If you propose a fix, please make it concise.
docker-compose.sandbox.yaml
Outdated
| --gemini-api-key $${GOOGLE_API_KEY} \ | ||
| --gateway-port 19789 \ | ||
| --gateway-bind lan \ | ||
| --gateway-auth token \ |
There was a problem hiding this comment.
A static authentication token is hardcoded in plain text on this line. Committing authentication tokens to version control is a security best practice violation — this token is now part of the repository's permanent git history. Source it from an environment variable instead:
--gateway-token ${SANDBOX_GATEWAY_TOKEN}Prompt To Fix With AI
This is a comment left during a code review.
Path: docker-compose.sandbox.yaml
Line: 44
Comment:
A static authentication token is hardcoded in plain text on this line. Committing authentication tokens to version control is a security best practice violation — this token is now part of the repository's permanent git history. Source it from an environment variable instead:
```yaml
--gateway-token ${SANDBOX_GATEWAY_TOKEN}
```
How can I resolve this? If you propose a fix, please make it concise.![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c1daf4b8fb
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
docker-compose.sandbox.yaml
Outdated
| --gateway-port 19789 \ | ||
| --gateway-bind lan \ | ||
| --gateway-auth token \ | ||
| --gateway-token sandbox-token-zaf-2026 |
There was a problem hiding this comment.
This compose file hardcodes --gateway-token sandbox-token-zaf-2026 while also exposing the gateway port and binding to LAN, so anyone with network access to the host can authenticate with a publicly known credential. Even for sandbox environments, this creates an avoidable unauthorized-access path; the token should come from an environment variable (or generated secret) instead of being committed.
Useful? React with 👍 / 👎.
docker-compose.sandbox.yaml
Outdated
| # First run: initialize if needed | ||
| if [ ! -f /data/.openclaw/openclaw.json ]; then | ||
| echo 'Initializing sandbox OpenClaw...' | ||
| node /app/openclaw.mjs onboard \ |
There was a problem hiding this comment.
The documented usage suggests docker-compose -f docker-compose.sandbox.yaml up -d is sufficient, but this command path runs node /app/openclaw.mjs directly and that bootstrap requires local build output (dist/entry.(m)js), which is not tracked in git. On a clean clone, the container exits immediately unless users manually build first, so this setup should either build/install dependencies in-container or document/enforce the prerequisite explicitly.
Useful? React with 👍 / 👎.
zeroasterisk
force-pushed
the
fix/transient-499-504
branch
from
c1daf4b to
e20073b
Compare
499 (Client Closed Request) is commonly returned by Anthropic during overload but was missing from TRANSIENT_HTTP_ERROR_CODES, so it didn't trigger model fallback. Fixes openclaw#41467
altaywtf
force-pushed
the
fix/transient-499-504
branch
from
69f4c8b to
0053bae
Compare
|
Merged via squash.
Thanks @zeroasterisk! |
* main: (33 commits) Exec: mark child command env with OPENCLAW_CLI (openclaw#41411) fix(plugins): expose model auth API to context-engine plugins (openclaw#41090) Add HTTP 499 to transient error codes for model fallback (openclaw#41468) Logging: harden probe suppression for observations (openclaw#41338) fix(discord): apply effective maxLinesPerMessage in live replies (openclaw#40133) build(protocol): regenerate Swift models after pending node work schemas (openclaw#41477) Agents: add fallback error observations (openclaw#41337) acp: harden follow-up reliability and attachments (openclaw#41464) fix(agents): probe single-provider billing cooldowns (openclaw#41422) acp: add regression coverage and smoke-test docs (openclaw#41456) acp: forward attachments into ACP runtime sessions (openclaw#41427) acp: enrich streaming updates for ide clients (openclaw#41442) Sandbox: import STATE_DIR from paths directly (openclaw#41439) acp: restore session context and controls (openclaw#41425) acp: fail honestly in bridge mode (openclaw#41424) Gateway: tighten node pending drain semantics (openclaw#41429) Gateway: add pending node work primitives (openclaw#41409) fix(auth): reset cooldown error counters on expiry to prevent infinite escalation (openclaw#41028) fix(cron): do not misclassify empty/NO_REPLY as interim acknowledgement (openclaw#41401) iOS: reconnect gateway on foreground return (openclaw#41384) ...
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf (cherry picked from commit c9a6c54)
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) Merged via squash. Prepared head SHA: 0053bae Co-authored-by: zeroasterisk <[email protected]> Co-authored-by: altaywtf <[email protected]> Reviewed-by: @altaywtf
) (cherry picked from commit c9a6c54)
) (cherry picked from commit c9a6c54)
2 participants
Adds 499 (Client Closed Request) to
TRANSIENT_HTTP_ERROR_CODES. Anthropic commonly returns this during overload — without it in the set, these errors don't trigger model fallback.Fixes #41467